ARM Adopts Using The LLVM/Clang Compiler

ARM Compiler 6 is beginning to use the LLVM/Clang compiler…

Distribution Release: VortexBox 2.3

Andrew Gillis has announced the release of VortexBox 2.3, the latest version of the project’s Fedora-based distribution that turns an unused computer into an easy-to-use music server or jukebox: “It has been over a year since our last full release of VortexBox. There have been small incremental updates….

RuneRadio – Mod Giara – 10th April, 16:00 BST

Mod Giara will be on RuneRadio today at 16:00 BST, taking your questions and playing his favourite tunes.

The Perfect Desktop – OpenSUSE 13.1 (GNOME)

The Perfect Desktop – OpenSUSE 13.1 (GNOME)

This tutorial shows how you can set up an OpenSUSE 13.1 desktop that is a full-fledged replacement for a Windows desktop, i.e.that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge.

GNOME: GNOME West Coast Summit Starts Today

The first GNOME event on the USA West Coast starts today. Held in San Francisco, the GNOME West Coast Summit brings together many senior members of the project for high-level technical discussions and planning. Major topics on the agenda for the event include Wayland, KDbus, application sandboxing, and application developer experience.

The summit is a great opportunity for those on the West Coast to get involved in ongoing GNOME initiatives. Participants from Intel, Red Hat, Yorba, Google, Endless Mobile and Elementary OS will be in attendance.

Several open evening events have been organized to coincide with the summit. On Wednesday there will be a local community meet-up, then on Thursday there will be another evening event at Noisebridge. Anyone in the local area should feel free to stop by – details are on the wiki.

Many thanks to Endless Mobile for providing the venue for the event.

PHP number_format() and a problem with negative values rounded to zero

PHP number_format() and a problem with negative values rounded to Zero

As is known, the PHP function number_format() rounds the given value to the needed amount of decimal places.

Distribution Release: Ultimate Edition 3.9

Version 3.9 of Ultimate Edition, an Ubuntu-based distribution and live DVD featuring KDE 4.10.5 as the default desktop environment, is ready for download: “Ultimate Edition 3.9. Time has never been on my side, this is no exception. I am dumping Ultimate Edition 3.9 to the public. I am….

Drupal.org Response to Heartbleed Security Incident

You may have heard that a vulnerability in the OpenSSL cryptographic library called Heartbleed or formally called CVE-2014-0160 has been disclosed and that it represents a potential security threat to a large number of websites. Using this vulnerability, malicious individuals could access sensitive information submitted by people actively visiting a website including usernames, passwords and credit card numbers. Users across the Internet should be especially aware of suspicious activity on their accounts.

We want to communicate a couple pieces of information about this news with regard to Drupal.org.

Members of the Drupal Association staff, Drupal Security Team and Drupal Infrastructure Team have reviewed Drupal.org’s potential exposure to the vulnerability.

As of now, we have no indication that Drupal.org was attacked using this vulnerabililty. That said, the nature of the vulnerability makes an attack difficult to detect and we prefer to be cautious.

We have taken steps to protect users of Drupal.org, including a forced password reset for users with administrative access or access to code repositories for projects. While we have only forced the password reset for some users, we recommend that all of our users change their passwords.

We have taken the following steps to protect Drupal.org account holders:

  • Installed new SSL certificates based on a new private key
  • Revoked the old SSL certificates
  • Replaced the private strings (drupal_private_key and drupal_hash_salt) which are used for a variety of security related purposes in all Drupal sites
  • Replaced the private key used by the “bakery” single-sign-on system on Drupal.org
  • Removed all active sessions
  • Verified the email addresses in use today match those in use a week ago
  • Required that all Drupal.org users with administrative or project repository access to reset their passwords

Also, we simply want to help create awareness about the vulnerability and encourage people to review their sites for exposure. For more information, please see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

Feel free to comment on the post with any questions. Thank you!

FOSS Community Hustles to Fix Gaping Heartbleed Flaw


A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google’s Neel Mehta, tested some of its own services and found it could steal “the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business-critical documents and information, without using any privileged information or credentials.”

WordPress 3.9 Release Candidate

As teased earlier, the first release candidate for WordPress 3.9 is now available for testing!

We hope to ship WordPress 3.9 next week, but we need your help to get there. If you haven’t tested 3.9 yet, there’s no time like the present. (Please, not on a production site, unless you’re adventurous.)

To test WordPress 3.9 RC1, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the release candidate here (zip). If you’d like to learn more about what’s new in WordPress 3.9, visit the work-in-progress About screen in your dashboard ( → About in the toolbar) and check out the Beta 1 post.

Think you’ve found a bug? Please post to the Alpha/Beta area in the support forums. If any known issues come up, you’ll be able to find them here.

If you’re a plugin author, there are two important changes in particular to be aware of:

  • TinyMCE received a major update, to version 4.0. Any editor plugins written for TinyMCE 3.x might require some updates. (If things broke, we’d like to hear about them so we can make adjustments.) For more, see TinyMCE’s migration guide and API documentation, and the notes on the core development blog.
  • WordPress 3.9 now uses the MySQLi Improved extension for sites running PHP 5.5. Any plugins that made direct calls to mysql_* functions will experience some problems on these sites. For more information, see the notes on the core development blog.

Be sure to follow along the core development blog, where we will be continuing to post notes for developers for 3.9. (For example, read this if you are using Masonry in your theme.) And please, please update your plugin’s Tested up to version in the readme to 3.9 before April 16.

Release candidate
This haiku’s the easy one
3.9 is near

How to find out if your server is affected from Openssl Heartbleed vulnerability (CVE-2014-0160) and how to fix that

A severe vulnerability in OpenSSL has been found, the vulnerability is named Heartbleed and affects the heartbeat implementation in Openssl version 1.0.1 up to version 1.0.1f. This velnerability can be used to get the private key of a SSL connection, so it is important to update the server immediately. The bug is fixed in OpenSSL 1.0.1g. All Major Linux Distributions have release updates to the vulnerability.

Securing SSH On Redhat/Centos With WiKID Two-Factor Authentication

Securing SSH On Ubuntu With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

Development Release: GoboLinux 015 Beta 2

Lucas C. Villa Real has announced the availability of the second beta release of GoboLinux 015, an unusual distribution which attempts to redefine the entire UNIX file system hierarchy by placing applications into their own separate directories: “I am pleased to announce the second beta snapshot of GoboLinux….

More Linux Suggestions and Mozilla Outrage

Today in Linux news saw two main themes. Several more articles turned up suggesting Linux for abandoned XP users. In addition, outrage ensues after Mozilla CEO and javascript author is forced to resign his position in response to pressure from activist groups and Mozilla employees. Additionally, The Register is running an article explaining how Microsoft is trying to sabotage Linux. More and more writer/bloggers are suggesting XP users who will be abandoned by Microsoft tomorrow try Linux. Four showed up today not even searching for that topic specifically. The first is from www.sfgate.com saying, "there is another solution that is faster and more secure than Windows XP – or any other version of Windows. It’s Linux, the long-suffering stepchild of the PC industry." Next, www.techradar.com says, "Now that the end of XP is upon us, might it be time to give the world of Linux a try – breathing new life into your old hardware with a solid OS that doesn’t take a spanking new machine to run and which may still give you the security updates you need well into the future?" http://rabble.ca blogger Bob Chandler begins his by saying, "There is an alternative to tossing your computer

Read more at OSTATIC

The Humongous DRM Graphics Pull For Linux 3.15 Was Submitted

The very large DRM pull request for the Linux 3.15 kernel was submitted just moments ago with significant updates to the open-source Linux graphics drivers…

Distribution Release: NexentaStor 4.0

Michael Letschin has announced the release of NexentaStor 4.0, a major new update of the specialist distribution optimised for virtualisation and network-attached storage – based on the Illumos kernel and ZFS file system: “This latest version of NexentaStor delivers significant performance, reliability and functionality improvements to the award-winning….

Lessons Learned from Mozilla’s Edgy Eich Episode


It seems fair to say that we here in the Linux blogosphere are no strangers to difficult topics, but over the past few weeks FOSS fans have been struggling with what may be one of the trickiest yet. It is, of course, the matter of Brendan Eich. Cofounder of Mozilla, creator of JavaScript, Mozilla CTO for years and then CEO for just 10 days, Eich’s term at the helm was cut short as a result of a firestorm of protest over his donation back in 2008 to the campaign for California Proposition 8 opposing same-sex marriage.

Design a Pet Competition!

A chance to design your very own pet to feature in game!

Survival Horror Sandbox Centration Is Out for Linux with a 15% Discount

Centration, a multiplayer survival horror sandbox game developed by Angry Engineers Entertainment, is now available on Steam for Linux with a 15% discount.According to the developers, players will be able to join dozens of others from all over the world to crew a space station in orbit around a gas-giant in the far-flung solar system, Keplar-16. The main goal is to survive by any means necessary.“Join your friends and thousands of other players from around the world to crew space-station… (read more)

20-Way Intel/AMD/NVIDIA GPU Comparison With Ubuntu 14.04 LTS

Last week we covered a 13-way Radeon GPU comparison on Ubuntu 14.04 and we also looked at the state of Nouveau on Ubuntu 14.04 with many NVIDIA GeForce graphics cards. In concluding our latest round of open-source graphics driver tests from the upcoming Ubuntu 14.04 LTS “Trusty Tahr”, here’s a 20-way graphics processor comparison using AMD Radeon, NVIDIA GeForce, and Intel HD Graphics hardware.